Privacy Policy

Who We Are
Data We Collect
How We Use Your Data
Legal Basis for Processing
Data Storage and Security
Data Sharing
Your Rights
Cookies and Tracking
GDPR Compliance
HIPAA Alignment
Children's Privacy
International Data Transfers
Changes to This Policy
Contact Us

1. Who We Are

MARKABLE is a general wellness monitoring platform developed by MARKABLE Ltd., based in Israel. We provide non-invasive hormonal wellness insights through facial analysis, cognitive testing, and symptom tracking. MARKABLE is not a medical device and does not diagnose, treat, cure, or prevent any disease or condition.

For the purposes of data protection law, MARKABLE Ltd. is the data controller responsible for your personal information.

2. Data We Collect

2.1 Facial Image Data

When you perform a wellness check, we capture a facial photograph using your device's camera. This image is processed in real-time by our computer vision algorithms to extract numerical wellness indicators. Original photographs are not stored on our servers unless you explicitly opt in to photo storage. The numerical data derived from your image is retained as part of your wellness profile.

2.2 Cognitive Performance Data

Our wellness check includes brief cognitive exercises (such as reaction time, digit span, word recall, and sustained attention tasks). We collect your performance results, response times, and accuracy scores. This data is used to generate your cognitive wellness profile and track trends over time.

2.3 Symptom and Self-Report Data

You may provide information about your symptoms across multiple wellness domains including sleep, mood, energy, urogenital health, musculoskeletal comfort, and others. You may also provide information about your menstrual cycle, lifestyle factors, and treatment adherence.

2.4 Account and Profile Data

When you create an account, we collect your name, email address, date of birth, and relevant demographic information necessary for accurate wellness assessment.

2.5 Device and Usage Data

We automatically collect technical information including device type, operating system, browser type, IP address, and interaction patterns within the application. This data helps us improve performance and troubleshoot issues.

3. How We Use Your Data

Wellness Assessment: To generate your personal hormonal wellness insights and track changes over time.
Provider Reports: When you choose to share your data with a healthcare provider, we generate structured reports summarizing your wellness trends.
Product Improvement: Aggregated, de-identified data may be used to improve our algorithms and service quality.
Research: With your explicit consent, de-identified data may contribute to wellness research. You can opt out at any time.
Communication: To send you wellness check reminders, results, product updates, and support messages.
Compliance: To comply with legal obligations and respond to lawful requests from authorities.

4. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

Consent: You provide explicit consent when creating your account and performing wellness checks. For facial image processing and health-related data, we rely on your explicit, informed consent.
Contract Performance: Processing necessary to deliver the wellness monitoring service you have requested.
Legitimate Interest: For product improvement, security, and fraud prevention, where such interests do not override your rights.
Legal Obligation: Where required by applicable law.

5. Data Storage and Security

Your data is protected using industry-standard security measures:

Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
Image Processing: Facial photographs are processed in real-time and converted to numerical feature data. Original images are not stored unless you opt in.
Access Controls: Strict role-based access controls limit who can access personal data within our organization.
Data Retention: We retain your personal data for as long as your account is active or as needed to provide services. You may request deletion at any time (see Section 7).
Incident Response: We maintain procedures to detect, report, and respond to data breaches in accordance with applicable law.

We do not sell your personal data. We share data only in the following circumstances:

With Your Healthcare Provider: Only when you explicitly choose to share a report with a specific provider.
With Your Employer's Wellness Program: Only in aggregated, de-identified form. Your employer never receives individual-level data.
Service Providers: We use carefully selected third-party service providers (cloud hosting, analytics) who are contractually bound to protect your data and use it only for the services we engage them for.
Legal Requirements: When required by law, regulation, or valid legal process.
Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.

    Key commitment: MARKABLE will never share your individual facial images, cognitive scores, or symptom data with your employer, insurer, or any third party without your explicit, informed consent.
  

7. Your Rights

Depending on your location, you have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request that we delete your personal data. Upon request, we will delete your account and associated data within 30 days, except where retention is required by law.
Data Portability: Receive your data in a structured, commonly used, machine-readable format (JSON or CSV).
Restriction: Request that we restrict processing of your data under certain circumstances.
Objection: Object to processing based on legitimate interests.
Withdraw Consent: Withdraw your consent at any time. This does not affect the lawfulness of processing before withdrawal.

To exercise any of these rights, contact us at revital@markable.life. We will respond within 30 days.

8. Cookies and Tracking

Our website and application use cookies and similar technologies for the following purposes:

Essential Cookies: Required for the application to function (session management, authentication).
Analytics Cookies: We use Google Analytics to understand how visitors interact with our website. This data is aggregated and does not identify individual users. You can opt out using Google's browser opt-out plugin.
Preference Cookies: To remember your settings and preferences.

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect application functionality.

For users in the European Economic Area (EEA) and United Kingdom, we comply with the General Data Protection Regulation (GDPR) and UK GDPR respectively. This includes:

Processing health-related and biometric data only with your explicit consent
Maintaining records of processing activities
Conducting data protection impact assessments for high-risk processing
Providing clear mechanisms for exercising your data subject rights
Implementing appropriate safeguards for international data transfers

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority.

10. HIPAA Alignment

While MARKABLE is a general wellness tool and not a covered entity under HIPAA, we voluntarily align our data handling practices with HIPAA standards. This includes:

Encryption of all health-related data in transit and at rest
Strict access controls and audit logging
Business associate agreements with third-party service providers who handle health-related data
Regular security assessments
Breach notification procedures

11. Children's Privacy

MARKABLE is designed for adults aged 18 and older. We do not knowingly collect personal data from children under 18. If we become aware that we have collected data from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us at revital@markable.life.

12. International Data Transfers

MARKABLE operates from Israel, which has been recognized by the European Commission as providing an adequate level of data protection. When we transfer data to other jurisdictions, we ensure appropriate safeguards are in place, including standard contractual clauses where required.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by email or through a prominent notice in our application at least 30 days before the changes take effect. Your continued use of MARKABLE after the effective date of a revised policy constitutes acceptance of the updated terms.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

MARKABLE Ltd.
Email: revital@markable.life
Website: markable.life

Contents